package com.cjy.common.permissionaop;

import org.apache.shiro.SecurityUtils;
import org.apache.shiro.subject.Subject;
import org.aspectj.lang.annotation.Aspect;
import org.aspectj.lang.annotation.Before;
import org.aspectj.lang.annotation.Pointcut;
import org.springframework.stereotype.Component;

import com.base.common.action.AbstractBaseAction;
import com.cjy.common.annotation.PermissionKey;
import com.cjy.common.exception.NoPermissionException;

/**
 * 
 * @Description: 权限切入点
 * @author kat.luhongkai
 */
@Component
@Aspect
public class SystemPermission extends AbstractBaseAction {

	/**
	 * 
	 */
	private static final long serialVersionUID = 1L;

	@Pointcut("@annotation(com.cjy.common.annotation.PermissionKey)")
	public void checkPermission() {
	}

	/**
	 * 利用shiro检查权限
	 * 
	 * @param permissionKey
	 */
	@Before(value = "com.cjy.common.permissionaop.SystemPermission.checkPermission()&&"
			+ "@annotation(permissionKey)", argNames = "permissionKey")
	public void checkPermissionByShiro(PermissionKey permissionKey) {
		boolean isNoPermission = true;
		if (permissionKey.isCheck()) {
			Subject currentSubject = SecurityUtils.getSubject();
			// 判断是否有这个权限
			for (String permission : permissionKey.value()) {
				if (currentSubject.isPermitted(permission)) {// 包含
					isNoPermission = false;
					break;
				}
			}
		} else {
			return;
		}
		if (isNoPermission) {
			throw new NoPermissionException("没有该权限");
		}
	}
}
